Tag Archives | data-security

Oh look! Another data-leak, this was was pretty bad as it contained plain-text passwords (who on earth doesn’t hash their passwords in the DB in 2011?!). Anyway this time it was a Groupon subsidary – Sosata.com which managed to leak the e-mail addresses and plain-text passwords for 300,000 users AND on top of that, Google […]

I’m always fascinated by side-channel attacks where the attack is focused on the underlying architecture of the cryptosystem and the data echos it creates rather than the algorithm or implementation itself. Similar somewhat to the recent breaking of OpenSSL using power fluctuations. This time some researcher type fellas focused on the digital noise autocomplete webforms […]

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy for SQL commands and has built in support for MySQL & PostgreSQL . The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands […]

This is a tool that performs version fingerprinting on Microsoft SQL Server 2000, 2005 and 2008, using well known techniques based on several public tools that identifies the SQL Version. The strength of this tool is that it uses probabilistic algorithm to identify the version of the Microsoft SQL Server. The “Microsoft SQL Server Fingerprint […]

There have been plenty of stories about Facebook in the past and the latest is about their new privacy system. From what I understand they have abandoned the previous concept of “Networks” and now everyone is open to everyone else. The network system was initially relevant when the site was targeted at only US college […]

Interesting story for our British readers, seems like back in Old Blighty people are a bit lax when it comes to keeping their security software up to date. Not only that, from the other aspects of the survey it seems UK is generally lacking in cybersecurity awareness and education with people not deleting dodgy files […]